Indonesia French German Spain Italian DutchRussian Portuguese Japanese Korean Arabic Chinese Simplified Widget edited mneh by xenad1325

Network command in unik/linux, windows or mac OS

The following commands will report the TCP/IP configuration on Unix, MacOS X, Windows, and Cisco operating systems. By "Unix" I mean anything vaguely Unix-like — Solaris, Linux, BSD, Tru64, AIX, IRIX, HP-UX, etc., plus MacOS X.

Note that the Cisco IOS allows for command abbreviation. That is, instead of:
router> show interfaces
you could simply type:
router> sh in
However, I prefer to use the entire command, using the tab key for command completion. You type just sh and then press :
router> sh
and the system finishes the command itself:
router> show
At that point you could press ? to see what alternatives are available (in the case of the show command, quite a few!), and then type enough of the parameter to be unambiguous:
router> show in
and it finishes the parameter for you:
router> show interfaces
Only two more key presses and you get a clear explanation of what it's doing. More importantly, your typing errors become much more obvious!

Read more...

WINDOWS IP CONFIG

Configure IP (internet protocol configuration)

Syntax

IPCONFIG /all = Display full configuration information.
IPCONFIG /release [adapter] = Rlease the IP address for the specified adapter.
IPCONFIG /renew [adapter] = Renew the IP address for the specified adapter.
IPCONFIG /flushdns = Purge the DNS Resolver cache.
IPCONFIG /registerdns = Refresh all DHCP leases and re-register DNS names.
IPCONFIG /displaydns = Display the contents of the DNS Resolver Cache.
IPCONFIG /showclassid adapter = Display all the DHCP class IDs allowed for adapter.
IPCONFIG /setclassid adapter [classid] = Modify the dhcp class id.

If the Adapter name contains spaces, use quotes: "Adapter Name"
wildcard characters * and ? allowed, see the examples below

The default is to display only the IP address, subnet mask and default gateway for each adapter bound to TCP/IP.

For Release and Renew, if no adapter name is specified, then the IP address leases for all adapters bound to TCP/IP will be released or renewed.

For Setclassid, if no ClassId is specified, then the ClassId is removed.

Examples:
> ipconfig ... Show information.
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL

> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"

> ipconfig /setclassid "Local Area Connection" TEST
... set the DHCP class ID for the
named adapter to = TEST

"Life is a grand adventure - or it is nothing." - Helen Keller

Related:

BROWSTAT - Get domain, browser and PDC info
NETSTAT - Display networking statistics (TCP/IP)
NETSH - Configure interfaces, routing protocols, filters, routes, RRAS
PATHPING - IP trace utility
PING - Test a network connection
Q192064 - Locate multiple preferred logon servers
Q813878 - How to block specific network protocols and ports.
Q313190 - Use IPSec IP Filter Lists
The Inq/Jon Honeyball - Routing to harden machines against attack
www.ipchicken.com
Equivalent bash command (Linux): lookupd -flushcache, ifconfig - IP configuration
Equivalent bash command (OS X): ipconfig / dscacheutil - View IP config / Query / flush the Directory Service cache


resource www.ss64.com

Read more...

WIRELESS HACK

Ever wondered just how secure your WEP protected wireless network is? Well today I'll show you how to test it. There have been a lot of articles written about this subject already and by now it is common knowledge that WEP is only the barest of security precautions. I'm going to show you how you can test your own wireless network's security using the linux livecd distro back|track. Before we go any further, I feel it necessary to mention two things. The first being the ethics of hacking. Most of you are probably familiar with this subject already but, just to refresh your memory. Second, it goes without saying that this is for YOUR OWN NETWORK TESTING PURPOSES ONLY. Unauthorized access of other people's networks is illegal. If you have problems or questions about anything in this guide, for the love of god use google/wikipedia and look it up first. Don't just start ranting on forums like a moron without doing a little research first. There are probably other people who have had the same problems and solved them already. Ok, parental rant over. Lets get down to the dirty stuff:



First of all, you'll need to check and make sure your wireless card has the right chipset. Most wireless cards are programmed only to accept data that is addressed to them. Other cards, specifically the ones that are of use for wifi sniffing, are capable of picking up all traffic that is flying through the air. Common types are Atheros, Prism, Aironet, Realtek, Hermes, etc based cards. You are on your own figuring out what type of chipset your wireless card has, as its too vast to get into here, but check this thread for more info. Your probably just going to have to search for your specific card to find out what chipset it has then compare it to this compatability list. For a good discussion on types of cards that work, check this http://forums.remote-exploit.org/showthread.php?t=2191

Next, download a copy of back|track, a slackware distro designed for security testing purposes. This is a linux livecd, which means it will boot the entire OS from the cd. Download the ISO and use a burning program such as Nero, Alcohol or my personal favorite, the awesome freeware cd/dvd burning program cdburnerXP to burn the disk image to a cd. Pop the disk in and reboot, and boot from the disk. Back|track may take a while to boot up.

When back|track boots up (and hopefully finds all your hardware) you will be presented with a login screen. To quote the venerable xatar, "Read the f**king screen!" The login, as it says above the prompt is "root" and the password is "toor" (minus the ""). Note that linux is case sensitive. After you are logged in, you could run all of the commands I will get into later from this prompt. But thats no fun, so type in:

xconf



This should create a file /etc/X11/xorg.conf and autodetect your video settings. (with nvidia cards, you may still have video problems as I did, such as not getting above 640x480... should you choose to install backtrack to the harddrive, check out http://forums.remote-exploit.org/showthread.php?t=2176&highlight=nvidia for more info on fixing this)

To get the KDE gui desktop to start up, simply type:

startx



If everything goes smoothly, you should be awash in the beautiful glow of the back|track KDE desktop. Given the beautiful read only nature of the livecd, you can do anything to this operating system and not have to worry about messing it up. If things get a little weird, or screwed up, just reboot and the OS is back to normal. So GO EXPLORE, run random programs, see what they do, go nuts.

At the bottom left of the screen is a little icon that looks like a monitor with a black screen. This is called the bash prompt. This is where you will be spending most of your time, so click on this to open up a new bash prompt. Note that you can double click on the bar to the right of the tab that says "Shell" and it will create a new bash tab, negating the necessity to open up multiple instances of the bash window. First, a few networking commands to get you up to speed on your own system. Type

ifconfig -a

ifconfig

This will show you a list of all compatible network cards on your system. You should see a list of devices such as ath0, eth0, wifi0, wlan0 etc. One of these is your wireless card. If you have an Atheros based card, it will be ath0. Make note of the name of your card, as you will be using it later. For the rest of this guide, I will be using ath0 since that is the card I have. Replace ath0 with whatever card you have.

You can also check out your wireless cards specifically by typing in:

iwconfig

I've got two wireless cards. The one built into my laptop, an intel card (eth0) and an Atheros pcmcia card (ath0). Now that we have the name of our wireless cards, we can start sniffing. Some like to use Kismet to sniff for networks, but I find using airodump-ng to be easier and ultimately more effective. In your bash prompt, type:

airodump-ng --write out --ivs --abg ath0



This starts airodump-ng and tells it to begin sniffing data, write it to the file out, only capture IVs (Initialization Vectors), search the a, b and g bands using the ath0 card. Keep in mind, every time you specify the same output file name, such as "out", airodump-ng will append the file name with "-##" such as out-01.ivs, out-02.ivs, etc.You will see a list of access points on the top half of the screen, and clients on the bottom. Find your access point in the list. Write down the BSSID or Mac address of the access point and any connected clients. You'll need it later. From now on in this document, the access point's mac address will be referred to as APmac and the client mac as CLmac. The goal of the attack is to capture as many unique IVS as possible. Every time data is sent between the wireless server and client, each packet contains IV which are collected and then run through the aircrack-ng program for computation.

You should be seeing a ton of numbers flying by, but not updating vary quickly. Thats because airodump-ng is searching all channels. Once you see your network, note what channel it is on (under the CH header). Stop airodump-ng by hitting:

ctrl-c



Now start it up again but this time we will add --channel # where # is the channel number of the access point, say, channel 6

airodump-ng --channel 6 --write out --ivs --abg ath0

airodump

Airodump-ng should be running much faster now, and updating constantly. You will see a number rising very quickly, this is generally the beacons. Beacons just basically say "hey, i'm an access point" about 10 times a second. You can judge the quality of your connection by how fluid the rise in beacons are. Other than this, they are useless for our purposes. For this type of attack it is important for there to be a client connected to the access point. So march over to your other computer and log on to the net wirelessly. In backtrack, you should see at the bottom a client pop up, the first MAC is the access point and the 2nd is the Client. Write down both. Open a new bash prompt and type:

aireplay-ng -2 -b APmac -d ff:ff:ff:ff:ff:ff -m 68 -n 68 -p 0841 -h CLmac ath0

aireplay

Where APmac is the mac address (bssid) of the access point and CLmac is the mac address of the client. For a detailed explanation of what all these settings do, open up a new bash prompt and just type aireplay-ng and it will spew out all the controls and what they do. The only one not explained is that the very first -2 tells aireplay to do the 3rd attack method in the list at the bottom (the first being 0).

aireplay-ng will now start sniffing for a certain type of packet with a length no more and no less than 68 bytes between client and access point. It will say "Read ### packets". At this point, if there is significant data transfer between the client and ap, it may snag the right type of packet already and there is no need to do the next step. In this case, hit Y to use the packet and skip the next step. If however, it keeps reading packets for a while (more than a couple min) and does not pop up saying "Use this packet?" then do the following:

Open a new bash prompt and type:

aireplay-ng -0 1 -a APmac -c CLmac ath0

This command will effectively terminate the connection between the AP and the client forcing the client to re-connect. It is this re-connection packet that we are looking to scoop up with the first instance of aireplay.

Go back to the first instance of aireplay and you should see something at the bottom of the screen saying "Use this packet?" Hit Y and aireplay will start sending out tons of packets to the AP. Switch over to airodump-ng which should still be running in the first bash prompt. Look at the data rate of the targeted AP. If all is going well, Aireplay is spewing out packets like mad to the access point and airodump-ng is picking up the chatter in between, the data should be rising quickly. This is exactly what we want.

If for some reason the data isn't going up quickly, go back to the first aireplay-ng and hit:

ctrl-c



If aireplay had picked up any more packets, it will prompt you again if you want to use them. Try more packets. Also, you may need to get closer to your access point or try the aireplay-ng -0 method again. Experiment. Once you've got the data rate going up quickly, start aircrack-ng and start crunching the numbers. Type in

dir



To get a list of the files. One file should be the out file that you specified in airodump-ng, specifically out-01.ivs. Each time airodump-ng is started with the same file output name, it creates a new one tacking on -01, -02, etc. Make sure you know which one you are outputting to.

Type in:

aircrack-ng -f 2 -a 1 -b APmac -n 64 out-01.ivs





Again, if you want to know what all the parameters mean, open up a new bash and type aircrack-ng and it will tell you. Basically -f is the fudge factor- default is 2, a higher number will be a more thorough but slower search. -b filters out all but the specified mac of the AP, -n says to search for a 64 bit key. If it runs for a long time and finds nothing, either you don't have enough IVs, or you are searching under the wrong key length. Try 128. You can also run multiple instances of of aircrack with different variables. Aircrack will continually update, notice the increasing IVs in the upper right as long is airodump-ng and aireplay are still going strong. After a bit of time, it should spit out your WEP key. Congrats! You now know how hard it is breaking into YOUR OWN NETWORK. Perhaps switch to WPA? If it didn't work, there could be any number reasons why. Do a little searching on the backtrack forums, google, etc, try setting up a different access point or learn how to do another type of attack, learn how to configure your hardware properly, etc, etc, etc. Take your time and explore the OS, if your new to linux, like i was when i started using backtrack, you'll have a lot to learn.



As a side note, In order to connect to a wireless network in backtrack, you must type in

iwconfig ath0 essid nameofnetwork key whateverthekeyis

ifconfig ath0 up

dhcpcd ath0

A message should pop up in the bottom right of the screen saying something about ath0 being connected. To disconnect, before switching to another network, type:

ifconfig ath0 down

then repeat the steps above with the new network information.

Further reading: http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks.htm

I'd like to thank muts, max, redkommie, jacky, digi, creaters of backtrack, xatar for writing a lot of the guides that got me up to speed, the creators of aircrack-ng and all the awesome people on the rexploit forums.

resource: www.i-hacked.com

Read more...

GOOGLE ADSENSE

Google AdSense is the program that can give you advertising revenue from each page on your website—with a minimal investment in time and no additional resources.AdSense delivers relevant text and image ads that are precisely targeted to your site and your site content. And when you add a Google search box to your site, AdSense delivers relevant text ads that are targeted to the Google search results pages generated by your visitors’ searc request.


Setting Up Google Adsense Code

Since its inception, The Google AdSense has created considerable hoopla all over the world and opened a plethora of opportunities for people interested to earn online in an alternative way. However, a person should know the process of Setting Up Google Adsense properly to reap in maximum profits.


For Setting Up Google Adsense account and start earning, one needs to learn some basic steps. The first step a person requires to learn is the way to generate from his account the AdSense code. It is also imperative for a person to learn how to deal with the settings and appearance of his ad units from his accounts. He also needs to know the way to paste the ad code properly and get his article published on the Internet. For doing these, one needs to create an account with ‘HowToDoThings’.

One can take the help of the AdSense guide called ‘HowToDoThings’ for both Setting Up Google Adsense account and fine-tuning an already existing AdSense account. If one wants to make a Google Adsense account from the scratch successfully he should log in to the site of ‘HowToDoThings’. Thereafter, he should browse his contributor dashboard. Next, he should select “My Google AdSense Info” located on the left side of the page.

On doing so, the person will get a message saying that he does not have any Google AdSense account related with his HowToDoThings account. Clicking on the link will activate the AdSense account opening process. Here, the person is required to provide a valid e-mail address. In the next step, he will have to go through the conditions and terms laid by Google, which is an important part.

After reading the terms, he should click on ‘Sign Me Up’. Shortly after this, he will get a message confirming that an account has been created for him. It will also instruct the person to see his mailbox to receive further notifications. The Google email instructions need to be executed to activate the account.

In case, a person already owns a Google Adsense account he can link it with HowToDoThings. That way he can start getting article revenue quickly. This procedure is quite similar to Setting Up Google Adsense account from the scratch. A person needs to have a valid Google email id. Google informs the user after his HowToDoThings dashboard gets linked with AdSense and provides instructions for activating the account.



Read more...

MAKE WAJAN BOLIC ANTENNA


Introduce
Basicly the function of this wok is being wave reflector like parabola. More bigger of the wok more strong the wave we can get. This antenna can connect on the rang 1-1,5 km.



Make USB WIFI ANTENA
USB (Wajanbolic)
ENGLISH VERSION

Material
1. Big diameter of wok(more bigger more better)
2. PVC pipe with diameter 3 inch.
3. Doff 3″ (to close the top of PVC paralon) 2 piece
4. Aluminium foil
5. bolt wit size 12 or 14
6. Wifi USB Adapter
7. Double tape
8. UTP cable 10 meter
9. Pole (to make antenna more high)

Equipment

1. Ruler
2. Cutter

Procedure
1. Make the hole on the wok
2. Make USB ekstension with UTP cable
Calculate the focus of the wok D:diameter d:depth of the woke
F = D^2/(16*d) = 70^2 / (16*20)
example:

Parabolic dish with D = 70 cm, d = 20 cm
Distance focus from center dish : F = D^2/(16*d) = 70^2 / (16*20) = 15.3 cm

Cut the PVC pipe 30 cm, then give a mark for the distance of the feeder (free aluminium foil area).


1. Make the hole on pipe and don’t forget on the mark of focus to take Usb Wifi adapther
2. Then wrap pipe with aluminium foil except the feeder, if the alumunium foil doesn’t have a glue, use double tape.
3. Take the doff to close the pipe.
4. Then take first doff on hole of the wok. Then use the bolt and rool it.
5. Take the pipe on the doff.
6. Make 10 meter usb ekstension with UTP cable. Cut the short ekstension then open the cable. Choose the color of UTP and pair with the short USB ekstension. Nop roblem if u choose diferent color but you have to do again for the other point. With the same color of pair.example usb red>utp brown, usb blueutp green.
7. Connect the Usb ekstention with usb wifi. Take the antenna on the top of pole. Connect the ekstention cable to the computer and scan the wireless network.
8. When it’s connect you are ready to browsing, surfing, and wardriving.
pic. Tutuppancibolic (close with usb wajanbolic)


Read more...

MAKE WAJAN BOLIC ANTENNA

PENDAHULUAN
Pada umumnya peranan wajan (parabolic) adalah sebagai reflector, atau pemantul gelombang. Yang kemudian gelombang tersebut dipantulkan dari semua sisi wajan dalam satu titik yang dinamakan focus dengan tujuan sinyal semakin kuat. Dapat kita ambil dalam reflector lampu senter, sinar yang berada pada titik focus lebih terang daripada titik yang lainnya, begitu pula pada fungsi wajan bolic ini. Kesimpulannya Semakin besar wajannya semakin butuh banyak minyak gorengnya(hex2..)



BAHAN

1. Wajan diameter 36″ (semakin besar diametr semakin bagus)
2. PVC paralon tipis diameter 3″ 1 meter
3. Doff 3″ (tutup PVC paralon) 2 buah
4. Aluminium foil
5. Baut + mur ukuran 12 atau 14
6. Wifi USB Adapter
7. Double tape + lakban
8. Kabel utp 10meter
9. Tiang besi atau apabila budget mpet ya tiang bamboo(untuk meninggikan antenna, lebih tinggi dari bangunan)

PERALATAN

1. Penggaris
2. Pisau/ Cutter
3. Gergaji besi

PERKIRAAN HARGA

Wajan tempat penggorengan kira-kira sekitar Rp.45.000, Terus yang penting USB wirelesnya Rp.250.000 peralon 3 inc 1meter Rp.20.000, Kabel Utp (sebagai ekstensi usb) 10meter Rp.25.000. Bahan-bahan yang lain tidak dihitung dikarenakan harga murah dan mudah didapat.

TAHAP PENGERJAAN

1. Siapkan semua bahan dan peralatan yang dibutuhkan.
2. Lubangi wajan tepat di tengah wajan tersebut seukuran baut 12 atau 14, cukup satu lubang saja.

Kemudia, ukur diametr wajan, kedalaman wajan dan feeder/ titik focus. Untuk lebih jelas nya silahkan liat gambar di bawah.

Parabolic dish dg D = 70 cm, d = 20 cm

maka jarak titik focus dari center dish : F = D^2/(16*d) = 70^2 / (16*20) = 15.3 cm(ket :^àpangkat, *àkali, /àbagi)

Pada titik focus tsb dipasang ujung feeder. Untuk mendapatkan gain maksimum.

1. Potong PVC paralon sepanjang 30 cm, kemudian beri tanda untuk jarak feeder nya (daerah bebas aluminium foil). Untuk menentukan panjang feeder nya gunakan rumus di atas.
2. Beri lubang pada focus bagian paralon untuk meletakkan Usb Wifi
3. Selanjut nya, bungkus PVC paralon dengan dgn aluminium foil pada daerah selain feeder, klo aluminium foil yang ada tanpa perekat, maka untuk merekatkan nya bisa menggunakan double tape
4. Dan pasangkan doff tersebut ke PVC paralon
5. Kemudian, wajan yang telah di lubangi tadi dipasangkan dengan doff yang satu nya lagi, sebelum nya doff tersebut dilubangi sesuai dengan ukuran bautyang sudah di siapkan, dan kencangkan secukup nya.
6. Kemudian tinggal pasangkan PVC paralon tadi ke wajan yang sudah di pasang doff.
7. Buat Usb Ekstensi perpanjangan 10 m dengan UTP kabel caranya: Potong kabel perpanjangan menjadi 2, satukanlah masing-masing kabel perpanjangan dengan kabel UTP (pilih empat kabel saja) lakukan di ujung yang lain (jangan sampai menyatu) dengan catatan warna kabel dengan pasangan harus sama dengan ujung lainnya. Agar tidak terjadi kesalahan catat. Missal, usb biruàutp hijau, usb kuningà utp coklat. Lakban sambungan kabel tersebut.
8. Sambungkan USB dengan perpanjangan USB yang dibuat tadi. Pasangkan di tiang peninggi. Tancapkan kabel USB kekomputer dan scan wireless network.
9. Wajan bolic sudah siap untuk digunakan browsing, atau paling tidak untuk wardriving.

Gb. Tutuppancibolic (hampir sama dengan wajanbolic)








Read more...

WINDOWS 7



Windows 7 (formerly codenamed Blackcomb and Vienna) is the next release of Microsoft Windows, an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops, Tablet PCs, and media center PCs.

Microsoft stated in 2007 that it is planning Windows 7 development for a three-year time frame starting after the release of its predecessor, Windows Vista, but that the final release date will be determined by product quality.



Unlike its predecessor, Windows 7 is intended to be an incremental upgrade with the goal of being fully compatible with existing device drivers, applications and hardware.Presentations given by the company in 2008 have focused on multi-touch support, a redesigned Windows Shell with a new taskbar, a home networking system called HomeGroup,and performance improvements. Some applications that have been included with prior releases of Microsoft Windows, most notably Windows Mail, Windows Movie Maker and Windows Photo Gallery, are no longer included with the operating system; they are instead offered separately as part of the Windows Live Essentials suite.

In 2000, Microsoft started the planning to follow up Windows XP and its server counterpart Windows Server 2003 (both codenamed Whistler) with a major new release of Windows that was codenamed Blackcomb (both codenames refer to the Whistler-Blackcomb resort). This new version was at that time scheduled for a 2005 release.[6][7]

Major features were planned for Blackcomb, including an emphasis on searching and querying data and an advanced storage system named WinFS to enable such scenarios. In this context, a feature mentioned by Microsoft co-founder Bill Gates for Blackcomb was "a pervasive typing line that will recognize the sentence that [the user is] typing in."[8]

Later, Blackcomb was delayed and an interim, minor release, codenamed "Longhorn", was announced for a 2003 release.[9] By the middle of 2003, however, Longhorn had acquired some of the features originally intended for Blackcomb, including WinFS, the Desktop Window Manager, and new versions of system components built on the .NET Framework. After the 2003 "Summer of Worms", where three major viruses − Blaster, Sobig, and Welchia − exploited flaws in Windows operating systems within a short time period, Microsoft changed its development priorities, putting some of Longhorn's major development work on hold in order to develop new service packs for Windows XP and Windows Server 2003. Development of Longhorn was also "reset" in September 2004.


Read more...

Basic Computer Network Information

Introduction

A network is a group of things that are connected together. In a computer network, the things that are connected are computers, of course. A computer network can be as small as two computers but there is no maximum size, and many networks have hundreds or thousands of computers.

There are three main reasons for connecting computers in a network:

  1. Share information. This can be messages such as e-mail, or it can be files that are stored on one computer and used by someone at a different computer.
  2. Share resources. A printer that can be accessed from different computer systems is a shared resource. So is an Internet connection used by more than one computer.
  3. Centralized control. In most offices, the management determines what the computers may be used for and what kind of resources and support they need. This is much easier to deal with if the computers are connected.

Types of Networks

Just as there is no limit to the number of systems in a network, there is also no limit to the geographical size of a network. As a practical matter though, there are some structural differences between a network of computers all in the same room, and a network connecting computers in Los Angeles to ones in Sydney Australia.

The most common network includes computers that are close together, usually in the same building or office. This is called a Local Area Network, abbreviated LAN.

The computers in a LAN are usually connected with cable made up of pairs of wires, but faster (and more expensive) cables are made from glass fibers, called fiber optic cable. A network may even use radio waves, in which case it is a wireless LAN.

When the computers being connected are far apart, typically in different cities, it is called a WAN or Wide Area Network. The connection is usually done with special high-speed lines leased from the phone company, but it is also possible to connect over an ordinary phone line using a device called a modem. It’s slow, but possible. Accessing a network through a phone line and modem is called a dial-up connection.

The biggest of all networks is the Internet. The backbone of the Internet consists of powerful computers all over the world with high-speed connections between them. Individual computers such as yours then connect to this backbone through an Internet Service Provider or ISP.

Ethernet

Most LANs in existence today use a technology called Ethernet. In an Ethernet network, every piece of information put on the network is seen by every other computer on the network, and each computer must determine if that information is meant for itself.

To make this work, before the information goes out on the network it is first broken up into small pieces called packets, and each packet has added to it the address of the computer that should receive it. The part of the packet containing the address is called the header.

Header



Packet diagram

Then, each computer looks at the address on each packet that comes by on the network cable, and copies the ones that have the right address. The computer that sent the packet is called the source, and the one that is supposed to receive it is called the destination.

Network Connections

When a packet comes out of the computer that originated it, that packet must have a complete electrical path to every other computer. The simplest way to do this is to have a cable that goes from one computer to the next until it has connected to each one. This is called a bus network.



Bus Network

A bus network is the simplest to explain and draw, but it’s not often the simplest one to use, especially if computers are distributed around various offices in a building, and then get added, taken away, moved around and so forth.

A much more practical way to connect more than a couple of systems is to connect each one to a device called a hub. Each system has a cable that goes from it to the hub, and inside the hub an electrical connection is made between all of the cables. Each place where a cable plugs into the hub is called a port.


5-port hub ports

To create larger networks, hubs can use one or more of their connections to connect to other hubs. This is called a star network, but as far as the electrical signals are concerned, they go from one computer to every other computer, no different than the bus network.

3-hub star network

When networks get really big, with 100s of systems or more, it’s no longer such a good idea to have each computer look at every packet, because almost none of the packets will be for that computer. The large network can be broken up into smaller groups called subnets, and these are connected with a device called a data switch, or just a switch.

Within each subnet, all of the computers still see every packet, and so does the switch. Normally the switch won’t pass those packets on to the other subnets, but if the packet has an address for a destination in another subnet, the switch will pass the packet to the port for that subnet. All of the systems in that subnet will then see the packet, including the system it is actually addressed to. In order to know where to send a packet, the switch must have a table of addresses for each subnet.


Switch with 4 subnets

The simplest form of a switch is called a bridge, and it connects just two subnets. A bridge only needs two ports then, one for each of the subnets.

Sometimes a network will be so big and complex that one switch isn’t enough to connect all of the subnets. In that case the subnet receiving a packet might be connected to a different switch than the subnet where the packet started. This is a more complicated problem, because the switch would need to know not only the packet’s destination, but also where to send it next to make sure it got there.

For this, a smarter device is needed, called a router. The router needs to know not only the subnet addresses, but also the best path, or route, to get from one to another.


Route path diagram

One place where routers are used in a big way is the Internet. If you send a message on the Internet, it might go through many routers before it reaches its destination. And when you surf to a website, all of the graphics and text showing up on your screen had to go through routers to find their way from the web site to your computer.

By the way, every LAN that connects to the Internet becomes a subnet of the Internet, even if it has its own internal subnets.

Clients and Servers

In addition to the various ways networked systems can be physically connected, there are two basic ways that network activities can be arranged. In one, all of the computers have equal status. This is called peer-to-peer, because a peer means someone (or something) that is the equal of another. Peer-to-peer is used mostly in very small networks of less than a dozen systems.

The more common arrangement is called client-server. One system, called the server, is responsible for a particular activity or resource. The other systems are called clients, and they go through the server when they want to use the function or resource that the server is responsible for.

Some of the things servers are commonly used for include network administration, e-mail, printers, file storage, and Internet access. Often several of these functions will be combined into one machine. There is no rule that says a network server and a print server can’t be the same system.

Clients Server
print server

There is also no rule that says a server must serve the entire network. It is usually convenient to have a separate network server for each subnet. There are other divisions that can occur even within a subnet. Computers that need to share the same resources can be organized into workgroups. With the Windows NT operating system, the LAN can be divided into sections called domains, and each domain needs its own server called a domain controller.

Protocols

A protocol is an agreed-upon standard for how something will be done. When your mother taught you to chew with your mouth closed and keep your elbows off the table, that was a protocol for proper dining. Computer protocols are the rules for connecting with other computers and exchanging information with them.

Ethernet is a protocol. Earlier we called it a technology, but it is also a set of rules for how that technology is used. If each piece of hardware and software complies with the rules, then information can be correctly transferred from one from one system to another in a LAN.

There are many protocols used in networking. There are some protocols that are used together with other protocols, where each one takes care of different aspects of networking. Sometimes two protocols do the same thing in different ways, and it is necessary to choose one or the other. The important thing is that both systems trying to communicate with each other have matching protocols that they can use.

TCP/IP

One very important set of protocols is called TCP/IP. It is important because it is what the creators of the Internet decided would be used for that particular network, which means that any computer that wants to connect to the Internet must also use TCP/IP. TCP/IP stands for Transmission Control Protocol / Internet Protocol.

TCP/IP is actually in two parts. The TCP portion covers the agreements between systems about how they will carry on their ‘conversation’, and the IP portion deals with addressing the packets and routing them.

The TCP part all happens in the background and we don’t really need to concern ourselves with it under normal circumstances. However, in a network that uses TCP/IP, every system must have a unique IP address, and that is something that requires human intervention in one way or another.



IP Addresses

An IP address is made up of four sets of numbers separated by periods. An example is:

192.168.42.122

Each of these sets of numbers is called an octet, because they started out as 8-digit binary numbers. By changing them into 3-digit decimal numbers, the whole address is shorter and easier to remember. The highest value for any octet is 255, because the highest number you can make with eight binary digits is equal to 255 in decimal.

In most networks, the first three octets are the same for all systems, and the last octet is different for every machine. If there are more than 255 computers in a network, it is usually divided into smaller subnets.

Static or Dynamic?

There are two ways to associate a unique IP address to a specific computer. One way is for the administrator to assign a number, which stays the same unless somebody decides to change it some day. That number is then a static IP address.

The other way is to assign a group of addresses to a server, and let the server hand them out as needed to any system that wants to communicate on the network. This produces a dynamic IP address. It is sometimes important to know which method is in use on a network, because with dynamic addressing, the IP address of a machine may be different each time you try to communicate with it.

Computer Names

The example address 192.168.42.122 is only one digit longer than a phone number with area code, but that’s plenty long enough to give most of us a hard time. It’s much easier for people to remember a name instead of a number, and for this reason computers in a network are also given a unique name. It may be something mundane like Sales14, but at least it’s a name and not a number.

This is not only easier to remember, but it solves the problem of a dynamic address that changes all the time, because the computer name doesn’t normally change. It does create another problem though, because the computers use only the addresses and not the names to keep track of each other. Fortunately there is a part of the TCP/IP protocol called address resolution, and it matches up the names and addresses so things keep rolling smoothly along.

Security

The problem with connecting computers to the Internet is that they are then sharing a network with many other computers from all over the world, and the users of some of those other computers are not such nice folks. Protecting the network and the information on it is one of the most important parts of a network administrator’s job.

Encryption

One way to protect information is to scramble it so that it appears to be gibberish unless someone has the right ‘key’ to unscramble it. Scrambling it is called encryption, and unscrambling it is called decryption. There are many ways to encrypt information, and of course just as many keys to decrypt it.

Encrypting and decrypting information slows things down a bit, so a decision must be made about when to use it. For packets going around the LAN, it depends on how likely it is that someone will gain unauthorized access to the LAN, called hacking. It also depends on how much damage would be done if that happened. If the threat is severe, encryption can be done not only on the transmitted packets but also to information stored on the disk drive.

For information going over the Internet, encryption is much more important unless it’s all right for the whole world to see the information. If you send your credit card number to a vendor, you must trust that vendor to encrypt and safeguard the information.

Virus Software

A computer virus is a little program that makes copies of itself to send to other computers. It’s very similar in some ways to contagious germs spreading a disease from one person to the next. And like diseases, some of these computer viruses have some really nasty side effects, like wiping out important files in the operating system or filling up the hard drive with garbage data.

As we will discuss a little later, there are ways to keep these virus programs from getting to your computer, but they are not foolproof. A lot of viruses come in attached to e-mail, and then they will mail copies of themselves to everyone in your e-mail address folder. You can’t completely block them without blocking e-mail, and most of us like to get e-mail from our friends and coworkers.

The most important prevention for viruses is to have a good anti-virus program installed on your computer. Norton, McCaffey and Panda are probably the most popular. The next most important thing is to keep the anti-virus software up-to-date, because the delinquents who write virus software are always coming up with new tricks, and the anti-virus companies are just as quickly coming up with new versions to stop them.

Access Control

If you have ever had a computer that was connected to a local area network, you almost certainly had to type in a user name and password to get network access. It’s two forms of ID, just like when you cash a check at department store.

The network administrator used that identification information to determine what you could and couldn’t do on the network. And there may have been additional passwords to access the company’ customer database, employee payroll records, or files stored on someone else’s computer.

Here are a few tips about passwords:

1. First, if you share files on your computer, use password protection for them even if they are available to everyone in the network. That way they can’t be tampered with if a hacker breaks in.

2. In choosing a password, never use your name, your birthday or other obvious personal information. The best is a random combination of letters and numbers.

3. Commit the password to memory, and if you must write it down, hide it. A password written on a post-it note stuck to your monitor is probably worse than no password at all.

4. Don’t give your password to someone you don’t know personally just because they claim to be tech support, the phone company, the police or your long-lost Aunt Matilda. Refer them to the network administrator, or better yet, get their phone number and have the network administrator call them back.

Firewalls

In a building, a firewall is a wall to keep fire from spreading from one area to another. In a computer network, a firewall is a boundary that can block unwanted data packets. The firewall may be program running on the server or router, or it may be a separate piece of hardware or even a complete computer system just for that purpose. In any case, its purpose is to look at all of the packets coming through, and decide which ones can pass and which ones get blocked.

Ports – Several pages ago, we defined a port as the place in a hub that a cable plugs into. There is another completely different kind of thing called a port, and that is a location in a computer’s memory that is used by a device or application to send and receive data. Each application will have one (or more) of these locations for its own use.

For instance, there is a common e-mail program that has port # 110, which means that the program exchanges information with the rest of the system at memory location 110. The popular game called Doom uses port # 666.

When a packet is sent over a network, it will contain not only the destination address, but also the port number of the application that will use it at that destination. One of the ways a firewall controls the packets is by looking at the port number, and only passing packets with ports that are appropriate for the destination. If nobody should be playing Doom on the network’s computers, then it would make sense to block port 666.

Another way a firewall can control traffic is to look at the source of the packet. It can have a ‘prohibited’ list that keeps out packets from certain IP addresses, or it can have an ‘allowed’ list and block everyone who isn’t on it. Ports can be done the same way, with a ‘prohibited’ or ‘allowed’ list of ports.

source : www.micro2000.co.uk

Read more...
dh@nex_sucks2008
Back to TOP